Red-Database-Security GmbH specializes in Oracle security


Buffer Overflow in DBMS_REPCAT_INSTANTIATE in Oracle 9i

Name: Buffer Overflow Oracle DBMS_REPCAT_INSTANTIATE in Oracle 9i (up to 9.2.0.4)
Systems Affected: Oracle 9i
Severity: High Risk
Category: Buffer Overflow
Vendor URL: http://www.oracle.com/
Credit: Esteban Martinez Fayo (<argeniss>dot<com>)
Exploit: http://www.appsecinc.com
Date: 01 May 2005 (V 1.00)

Details

Buffer overflow in DBMS_REPCAT_INSTANTIATE. This package has EXECUTE permission granted to PUBLIC, so every database user can exploit this vulnerability to crash the database or execute arbitrary code. This vulnerability can be exploited via SQL injection.



Workarounds
REVOKE EXECUTE ON SYS.DBMS_REPCAT_INSTANTIATE FROM PUBLIC FORCE;


Example
DECLARE
mynum NUMBER;
BEGIN
mynum := DBMS_REPCAT_INSTANTIATE.INSTANTIATE_OFFLINE('longstring','');
END;

or

SELECT DBMS_REPCAT_INSTANTIATE.INSTANTIATE_ONLINE ('longstring','') FROM Dual;


Patch Information
Revoke the grant or apply the latest Oracle Security patches (e.g. CPU April 2004).
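
To confirm the workaround took effect and to see what may break once the PUBLIC grant is gone, the following checks can be run before and after the REVOKE. This is an added example, not part of the original advisory; it assumes a DBA account that can read the DBA_* dictionary views and V$VERSION.

```sql
-- Added example: audit exposure of SYS.DBMS_REPCAT_INSTANTIATE.
-- Assumes a session with access to the DBA_* views (e.g. a DBA account).

-- 1. Release banner, to compare against the affected range in the advisory
--    (Oracle 9i up to 9.2.0.4).
SELECT banner FROM v$version;

-- 2. Who holds EXECUTE on the package? After the workaround,
--    PUBLIC must no longer appear in this list.
SELECT grantee, privilege, grantable
FROM   dba_tab_privs
WHERE  owner      = 'SYS'
AND    table_name = 'DBMS_REPCAT_INSTANTIATE'
AND    privilege  = 'EXECUTE'
ORDER  BY grantee;

-- 3. Synonyms pointing at the package. A public synonym makes the
--    package reachable without the SYS. prefix; it is harmless once the
--    grant is revoked but is worth recording.
SELECT owner, synonym_name
FROM   dba_synonyms
WHERE  table_owner = 'SYS'
AND    table_name  = 'DBMS_REPCAT_INSTANTIATE';

-- 4. Non-SYS code that references the package and may have relied on the
--    PUBLIC grant. These objects can become invalid after the REVOKE and
--    need an explicit grant to their owner if the dependency is legitimate.
SELECT d.owner, d.name, d.type, o.status
FROM   dba_dependencies d
JOIN   dba_objects o
       ON  o.owner       = d.owner
       AND o.object_name = d.name
       AND o.object_type = d.type
WHERE  d.referenced_owner = 'SYS'
AND    d.referenced_name  = 'DBMS_REPCAT_INSTANTIATE'
AND    d.owner NOT IN ('SYS', 'SYSTEM')
ORDER  BY d.owner, d.name;
```

If query 2 still lists PUBLIC after the REVOKE, check that the statement named the package correctly and was run as a user allowed to revoke the grant.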


2005 by Red-Database-Security GmbH - last update 02-nov-2005

Definition Exploit
"Exploit" is a common term in computer security for a piece of software that takes advantage of a bug or vulnerability, leading to privilege escalation or denial of service (DoS) on a computer system.
Computer security experts use exploit code to test whether a patch is working properly.